I discovered an error on my pagination script within CodeIgniter:
```php
// Pagination query (CodeIgniter Active Record); $from comes from the URL segment
$this->db->where("by_id", $user_id);
$this->db->order_by("date", "desc");
$this->db->limit(10, $from);           // 10 rows starting at offset $from
$query = $this->db->get("status");
```
The URL looks like this: server/demo/page/10
So if a user types server/nedjma/baniss/1000000000000000000000:
```
Error Number: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1000000000000000000000, 10' at line 5

SELECT * FROM (`status`) WHERE `by_id` = '58' ORDER BY `date` desc LIMIT 1000000000000000000000, 10
```
Can you tell me please what's the bug?
It's not a CodeIgniter vulnerability or bug. It's simply an SQL/MySQL issue. I did a little testing with phpMyAdmin; the largest offset you can use is somewhere around 18000000000000000000.

Anything larger, and you will get an SQL syntax error. If you want to prevent this error from happening, just check to make sure $from isn't greater than 18 x 10^18, or create your own custom error pages. You could also just turn error reporting off: at the top of CI's index.php, error_reporting(0);

One final note: the code you posted isn't open to SQL injection. CodeIgniter's Active Record class escapes and checks your input for you. If $from is not a number, then Active Record won't generate a LIMIT clause when creating the SQL.
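One way to implement the offset check the answer recommends, as an added example that is not part of the question or the answer: the URI segment is validated as a non-negative PHP integer (which is already far below MySQL's 2^64-1 LIMIT ceiling) and clamped to the last page. The `safe_offset` helper, the `$total_rows` parameter and the CodeIgniter calls in the usage comments (`count_all_results`, `$this->uri->segment(3)`, `show_404`) are assumptions about how the controller is wired, not code from the question.

```php
<?php
// Added example (not from the question or answer): validate the pagination
// offset from the URL before it reaches Active Record. MySQL accepts LIMIT
// offsets up to 2^64-1; anything larger is a syntax error (error 1064 above),
// so reject or clamp the value in PHP first.

/**
 * Return a safe integer offset, or false if the URI segment is not usable.
 * FILTER_VALIDATE_INT returns false for non-digit strings and for values that
 * overflow PHP's integer type, so "1000000000000000000000" is rejected here
 * instead of being handed to MySQL.
 */
function safe_offset($segment, $total_rows, $per_page = 10)
{
    $from = filter_var($segment, FILTER_VALIDATE_INT, array(
        'options' => array('min_range' => 0, 'max_range' => PHP_INT_MAX),
    ));
    if ($from === false) {
        return false;
    }
    // An offset past the last row is valid SQL but returns nothing;
    // clamp it to the start of the last page so the user still sees data.
    $last_page_start = max(0, (int) floor(($total_rows - 1) / $per_page) * $per_page);
    return min($from, $last_page_start);
}

// Assumed usage inside the controller method from the question (CodeIgniter 2
// style Active Record; the offset is assumed to be URI segment 3):
//
// $total = $this->db->where('by_id', $user_id)->count_all_results('status');
// $from  = safe_offset($this->uri->segment(3), $total);
// if ($from === false) {
//     show_404();                 // reject junk or oversized offsets outright
// }
// $this->db->where('by_id', $user_id);
// $this->db->order_by('date', 'desc');
// $this->db->limit(10, $from);
// $query = $this->db->get('status');

// Constructed inputs for a quick manual check (95 rows, 10 per page):
var_dump(safe_offset('10', 95));
var_dump(safe_offset('500', 95));
var_dump(safe_offset('1000000000000000000000', 95));
var_dump(safe_offset('abc', 95));
```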